Getting Started with Shorewall

TomEastep

Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version
1.2 or any later version published by the Free Software Foundation; with
no Invariant Sections, with no Front-Cover, and with no Back-Cover
Texts. A copy of the license is included in the section entitled
“GNU Free Documentation
License”.

2018/06/21

Caution

Do not attempt to install Shorewall on a
remote system. You are virtually assured to lock yourself
out.

Next, read the QuickStart Guide that is appropriate for your
configuration:

If you just want to protect a system: (Requires
Shorewall 4.4.12-Beta3 or later)

Universal configuration --
requires no configuration to protect a single system.

Caution

This configuration places all interfaces in the net zone. If you
add another interface or VPN, you will want to select a different
QuickStart Guide.

If you have only one public IP
address:

Standalone Linux System with a
single network interface (if you are running Shorewall 4.4.12 Beta 3 or
later, use the Universal
configuration instead).

Two-interface Linux System
acting as a firewall/router for a small local network. For
Redhat-specific install/configure information, see this
article contributed by Digimer.

Three-interface Linux
System acting as a firewall/router for a small local network and a
DMZ.

If you have more than one public IP
address:

The Shorewall Setup
Guide outlines the steps necessary to set up a firewall where
there are multiple public IP addresses involved or if you want to learn
more about Shorewall than is explained in the single-address guides
above.